141 lines
3.4 KiB
YAML
141 lines
3.4 KiB
YAML
---
|
|
|
|
- name: Setup postgres
|
|
include_role:
|
|
name: postgre
|
|
vars:
|
|
postgres_users:
|
|
- name: bridge_signal_user
|
|
password: "{{ matrix_bridge_signal_postgre_user_pwd }}"
|
|
databases:
|
|
- name: bridge_signal
|
|
owner: bridge_signal_user
|
|
local: C
|
|
template: template0
|
|
no_log: {{ enable_no_log | default('true') }}
|
|
|
|
- name: Install the pgp key for the signald repo.
|
|
copy:
|
|
src: signald-keyring.gpg
|
|
dest: /etc/apt/trusted.gpg.d/signald-keyring.gpg
|
|
mode: 0644
|
|
|
|
- name: Add signald repo to source list
|
|
ansible.builtin.apt_repository:
|
|
repo: "deb https://updates.signald.org unstable main"
|
|
state: present
|
|
|
|
- name: Install dependencies
|
|
apt:
|
|
name:
|
|
- signald
|
|
- python3
|
|
- python3-virtualenv
|
|
- python3-pip
|
|
- libolm-dev # for encryption
|
|
- python3-dev #
|
|
- build-essential #
|
|
state: latest
|
|
update_cache: true
|
|
register: apt_result
|
|
retries: 3
|
|
until: apt_result is succeeded
|
|
|
|
- name: Enable the signald daemon
|
|
systemd:
|
|
name: signald
|
|
state: started
|
|
enabled: yes
|
|
|
|
- name: Create the mautrix-signal user
|
|
user:
|
|
name: mautrix-signal
|
|
home: /opt/mautrix-signal
|
|
groups:
|
|
- signald
|
|
password_lock: yes
|
|
system: yes
|
|
|
|
- name: Install bridge
|
|
become: yes
|
|
become_user: mautrix-signal
|
|
pip:
|
|
name: mautrix-signal[all]
|
|
state: latest
|
|
virtualenv: /opt/mautrix-signal
|
|
virtualenv_command: virtualenv
|
|
virtualenv_python: /usr/bin/python3
|
|
|
|
- name: Check if the bridge is already configured
|
|
stat:
|
|
path: /opt/mautrix-signal/config.yaml
|
|
register: register_config
|
|
|
|
- name: Set read token variable
|
|
block:
|
|
- name: read config file
|
|
slurp:
|
|
src: /opt/mautrix-signal/config.yaml
|
|
register: encoded_config
|
|
- name: decode config file
|
|
set_fact:
|
|
signal_config: "{{ encoded_config.content | b64decode | from_yaml }}"
|
|
- name: extract tokens
|
|
set_fact:
|
|
matrix_bridge_signal_as_token: "{{ signal_config.appservice.as_token }}"
|
|
matrix_bridge_signal_hs_token: "{{ signal_config.appservice.hs_token }}"
|
|
when: register_config.stat.exists
|
|
|
|
- name: Configure the bridge
|
|
template:
|
|
src: config.yaml
|
|
dest: /opt/mautrix-signal/config.yaml
|
|
owner: mautrix-signal
|
|
group: nogroup
|
|
mode: '0600'
|
|
notify: Restart the signal bridge
|
|
no_log: {{ enable_no_log | default('true') }}
|
|
|
|
- name: Generate signal-registration.yaml
|
|
become: yes
|
|
become_user: mautrix-signal
|
|
shell:
|
|
cmd: "/opt/mautrix-signal/bin/python -m mautrix_signal -g"
|
|
chdir: /opt/mautrix-signal
|
|
creates: /opt/mautrix-signal/registration.yaml
|
|
notify: Restart synapse
|
|
no_log: {{ enable_no_log | default('true') }}
|
|
|
|
- name: Ensure the registration directory exists
|
|
file:
|
|
path: /etc/matrix-synapse/registrations
|
|
state: directory
|
|
group: root
|
|
owner: root
|
|
mode: u=rwx,g=rx,o=rx
|
|
|
|
- name: Copy registration for synapse
|
|
file:
|
|
src: /opt/mautrix-signal/registration.yaml
|
|
dest: /etc/matrix-synapse/registrations/signal-registration.yaml
|
|
state: link
|
|
|
|
- name: Ensure the log directory exists
|
|
file:
|
|
path: /var/log/bridge_signal
|
|
state: directory
|
|
group: nogroup
|
|
owner: mautrix-signal
|
|
mode: u=rwx,g=rx,o=
|
|
|
|
- name: Copy the daemon configuration
|
|
template:
|
|
src: bridge_signal.service
|
|
dest: /etc/systemd/system/bridge_signal.service
|
|
notify: Restart the signal bridge
|
|
|
|
- name: Enable the daemon
|
|
systemd:
|
|
name: bridge_signal
|
|
state: started
|
|
enabled: yes
|